package com.ruan.config;

import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.ruan.common.Code;
import com.ruan.common.MessageConstant;
import com.ruan.exception.BusinessException;
import com.ruan.mapper.AdminMapper;
import com.ruan.mapper.CommonUserMapper;
import com.ruan.pojo.Admin;
import com.ruan.pojo.CommonUser;


import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import javax.annotation.Resource;
import java.util.ArrayList;
import java.util.List;

@Service
public class AdminAuthorizeService implements UserDetailsService {


    //https://blog.csdn.net/qq_56769991/article/details/122881160?ops_request_misc=%257B%2522request%255Fid%2522%253A%2522168158149316800226519949%2522%252C%2522scm%2522%253A%252220140713.130102334.pc%255Fall.%2522%257D&request_id=168158149316800226519949&biz_id=0&utm_medium=distribute.pc_search_result.none-task-blog-2~all~first_rank_ecpm_v1~rank_v31_ecpm-6-122881160-null-null.142^v83^insert_down38,239^v2^insert_chatgpt&utm_term=org.springframework.security.access.AccessDeniedException%3A%20%E4%B8%8D%E5%85%81%E8%AE%B8%E8%AE%BF%E9%97%AE&spm=1018.2226.3001.4187
    @Resource
    private AdminMapper adminMapper;

    @Resource
    private CommonUserMapper commonUserMapper;

    //作用是根据用户名查询数据库中的用户信息，
    // 然后封装成一个User对象返回，用于Spring Security进行身份验证和授权
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {

        if (username.equals("admin")){
            LambdaQueryWrapper<Admin> adminWrapper = new LambdaQueryWrapper<>();
            adminWrapper.eq(Admin::getUsername,username);
            Admin admin = adminMapper.selectOne(adminWrapper);

            if (admin!=null) {
                List<GrantedAuthority> authorityList=new ArrayList<>();
                //创建一个包含"ROLE_ANONYMOUS"角色的GrantedAuthority列表。
                authorityList.add(new SimpleGrantedAuthority("ROLE_ANONYMOUS "));
                //使用org.springframework.security.core.userdetails.User类创建一个User对象，
                // 包含用户名、密码和权限列表。
                User user =
                        new org.springframework.security.core.userdetails.User(username,admin.getPassword(),authorityList);
                return user;//返回这个User对象
//                return User
//                        .withUsername(username)
//                        .password(admin.getPassword())
//                        .roles("ADMIN")
//                        .build();
            }else {//admin=null
                throw new BusinessException(Code.LOGIN_ERR,
                        MessageConstant.LOGIN_ERR_PASS);
            }
        }//用户名不是"admin"

        LambdaQueryWrapper<CommonUser> commonUserWrapper = new LambdaQueryWrapper<>();
        commonUserWrapper.eq(CommonUser::getUsername,username);//查询CommonUser表中的记录。
        CommonUser commonUser = commonUserMapper.selectOne(commonUserWrapper);
        if (commonUser!=null){
            if (commonUser.getStatus().equals("禁用")){
                throw new BusinessException(Code.LOGIN_ERR,
                        MessageConstant.LOGIN_ERR_STATUS);
            }
            List<GrantedAuthority> authorityList=new ArrayList<>();
            //创建一个包含"ROLE_COMMON_USER"角色的GrantedAuthority列表。
            authorityList.add(new SimpleGrantedAuthority("ROLE_COMMON_USER"));
            //使用org.springframework.security.core.userdetails.User类创建一个User对象，
            // 包含用户名、密码和权限列表
            User user
                    = new org.springframework.security.core.userdetails.User(username,commonUser.getPassword(),authorityList);
            return user;
//            return User
//                    .withUsername(username)
//                    .password(commonUser.getPassword())
//                    .roles("COMMON_USER")
//                    .build();
        }else {//commonUser=null
            throw new BusinessException(Code.LOGIN_ERR,
                    MessageConstant.LOGIN_ERR_PASS);
        }
    }
}
